New security problem for Apple

security problem for Apple

Few systems are so solid, stable and above all, safe, like iOS, the platform that moves the iPhone and the iPad; maybe for this reason every time vulnerability is detected in this operating system, the alarms go off. However, a group of hackers has published on GitHub (an online code repository) part of the source code of iOS 9, an unprecedented fact that experts on the platform like the author Jonathan Levin have not hesitated to describe the fact as “the greatest filtration of history” and that could open the door to cracking its unbreakable security. Apple has rejected that the publication of the code supposes a greater vulnerability and defends that their security is not dependent on that this is kept secret.

What has been filtered in particular is the source code on the part of IOS 9, specifically the section that is responsible for a safe boot of the system (what on any computer we know as BIOS). Why is this leak important? Because it could give the keys to hackers to attack a system that, up to the date, has been practically unbreakable. This would be the headline with thick line, but it is worth going a little further: what has been published on the network corresponds to iOS 9 and the current version, completely redesigned, it is iOS 11; On the other hand, the architecture of iOS 11 is designed exclusively for 64-bit systems, which makes it easy to believe that it has been used to completely redesign the platform.

The real danger is that part of the iOS 9 code has been exploited on the current platform, and this is quite likely. Apple’s response was not soon in coming, but not in terms of user security – possibly because they did not consider that it was in danger – but in the judicial plane: those that Cupertino have demanded to GitHub the withdrawal of the aforementioned code (it is a warning of a legal nature and under the threat of legal sanctions) and the code has been immediately withdrawn.

The problem is that “iBoot”, as it was baptized at the entrance to GitHub, had been available for several weeks before jumping into the media. However, even in this case the system would be threatened for the reasons mentioned above, but what is expected is that this filtering is used for new editions of the jailbreak (the alteration of the platform that removes the restrictions of the house).

Apple response

The company has responded tonight on Thursday: “Apparently, an old source code has been leaked, three years ago. By design, the security of our products does not depend on our source code being kept secret. There are many layers of hardware and software protections built into our products and, in addition, we always encourage our customers to upgrade to the latest versions of the product to benefit from the most advanced protection”.

According to the company, 93% of users have downloaded iOS 10 or later. Of these, more than half have version 11, which includes “all the latest security protections”.

In addition, the company maintains that its security does not depend on keeping the code secret, which it considers obsolete, and ensures that it can be made public “voluntarily, accidentally or maliciously”.

Apple continues to reward economically those who are able to find vulnerabilities in the platform with figures that reach $200,000.

Comments are closed, but trackbacks and pingbacks are open.